In March 2007, Google announced a change in its data retention policy: that it would “anonymize” search data in its server logs after eighteen to twenty-four months. For many observers, the policy change was more significant for the past practice it confirmed than for the future practice it heralded. The policy change underscored that since it first launched its search service, Google had stored its users’ search queries, along with the search results on which the users clicked, indefinitely, and had done so in such a way that this data could be tied to the particular computers from which the queries were made.

Although Google’s privacy policy has long stated what kinds of information the company collects and discloses, that policy has never mentioned Google’s data retention practices. Nor does US law significantly constrain data retention practices, whether by the data subject herself or by a third party (such as Google) that transacts business with the data subject. Our surveillance and information privacy laws, in short, contain a “memory gap”: they regulate the collection and disclosure of certain kinds of information, but they say little about its retention. In addition, much of what the law does say about collection and disclosure provides incentives for indefinite data retention.

TABLE OF CONTENTS